Описание
Argument injection vulnerability in Apple QuickTime 7.2 for Windows XP SP2 and Vista allows remote attackers to execute arbitrary commands via a URL in the qtnext field in a crafted QTL file. NOTE: this issue may be related to CVE-2006-4965 or CVE-2007-5045.
Ссылки
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:apple:quicktime:7.2:*:windows_sp_2:*:*:*:*:*
cpe:2.3:a:apple:quicktime:7.2:*:windows_vista:*:*:*:*:*
EPSS
Процентиль: 80%
0.01381
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-78
Связанные уязвимости
github
почти 4 года назад
Argument injection vulnerability in Apple QuickTime 7.2 for Windows XP SP2 and Vista allows remote attackers to execute arbitrary commands via a URL in the qtnext field in a crafted QTL file. NOTE: this issue may be related to CVE-2006-4965 or CVE-2007-5045.
EPSS
Процентиль: 80%
0.01381
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-78